Configuring EJB Client Authentication using SASL DIGEST-MD5 and EXTERNAL mechanisms with Legacy Security in JBoss EAP 7.2

Solution In Progress - Updated -

Issue

The DIGEST-MD5 mechanism does not work in legacy security to EJB client authentication. Is it still possible to use it in EAP 7.2.z?

<subsystem xmlns="urn:jboss:domain:remoting:4.0">
            <http-connector name="http-remoting-connector" connector-ref="https" security-realm="ApplicationRealm">
                <sasl>
                    <include-mechanisms value="DIGEST-MD5"/>
                    <qop value="auth"/>
                    <strength value="medium"/>
                    <server-auth value="false"/>
                    <reuse-session value="false"/>
                    <policy>
                        <forward-secrecy value="true"/>
                        <no-active value="false"/>
                        <no-anonymous value="false"/>
                        <no-dictionary value="true"/>
                        <no-plain-text value="false"/>
                        <pass-credentials value="true"/>
                    </policy>
                </sasl>
            </http-connector>
        </subsystem>

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 7.2.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content